syzbot

 sign-in | mailing list | source | docs
🐞 Open [1130] 🐞 Fixed [4213] 🐞 Invalid [9343] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

KCSAN: data-race in __mod_timer / __mod_timer (7)

Status: auto-closed as invalid on 2022/03/10 01:23
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 375d, last: 306d
similar bugs (7):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __mod_timer / __mod_timer 1 890d 890d 0/24 auto-closed as invalid on 2020/08/03 09:45
upstream KCSAN: data-race in __mod_timer / __mod_timer (6) 1 419d 419d 0/24 auto-closed as invalid on 2021/11/17 13:29
upstream KCSAN: data-race in __mod_timer / __mod_timer (2) 6 729d 729d 0/24 auto-closed as invalid on 2021/01/11 09:46
upstream KCSAN: data-race in __mod_timer / __mod_timer (8) 19 80d 264d 0/24 auto-obsoleted due to no activity on 2022/10/22 07:18
upstream KCSAN: data-race in __mod_timer / __mod_timer (3) 1 690d 690d 0/24 auto-closed as invalid on 2021/02/18 17:11
upstream KCSAN: data-race in __mod_timer / __mod_timer (4) 1 652d 652d 0/24 auto-closed as invalid on 2021/03/28 20:33
upstream KCSAN: data-race in __mod_timer / __mod_timer (5) 2 603d 613d 0/24 auto-closed as invalid on 2021/05/17 11:47

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __mod_timer / __mod_timer

write to 0xffff8881364bdcd0 of 8 bytes by interrupt on cpu 1:
 __mod_timer+0x720/0xc30 kernel/time/timer.c:1052
 mod_timer+0x1b/0x20 kernel/time/timer.c:1108
 mod_peer_timer drivers/net/wireguard/timers.c:37 [inline]
 wg_timers_any_authenticated_packet_traversal+0xc4/0xf0 drivers/net/wireguard/timers.c:215
 wg_packet_consume_data_done drivers/net/wireguard/receive.c:361 [inline]
 wg_packet_rx_poll+0x865/0x11f0 drivers/net/wireguard/receive.c:481
 __napi_poll+0x65/0x3f0 net/core/dev.c:6365
 napi_poll net/core/dev.c:6432 [inline]
 net_rx_action+0x29e/0x650 net/core/dev.c:6519
 __do_softirq+0x158/0x2de kernel/softirq.c:558
 do_softirq+0xb1/0xf0 kernel/softirq.c:459
 __local_bh_enable_ip+0x68/0x70 kernel/softirq.c:383
 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
 _raw_spin_unlock_bh+0x33/0x40 kernel/locking/spinlock.c:210
 spin_unlock_bh include/linux/spinlock.h:394 [inline]
 ptr_ring_consume_bh include/linux/ptr_ring.h:367 [inline]
 wg_packet_decrypt_worker+0x73c/0x780 drivers/net/wireguard/receive.c:506
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x1bf/0x1e0 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

read to 0xffff8881364bdcd0 of 8 bytes by task 1916 on cpu 0:
 __mod_timer+0x7c/0xc30 kernel/time/timer.c:980
 mod_timer+0x1b/0x20 kernel/time/timer.c:1108
 mod_peer_timer drivers/net/wireguard/timers.c:37 [inline]
 wg_timers_any_authenticated_packet_traversal+0xc4/0xf0 drivers/net/wireguard/timers.c:215
 wg_packet_create_data_done drivers/net/wireguard/send.c:247 [inline]
 wg_packet_tx_worker+0xf7/0x360 drivers/net/wireguard/send.c:276
 process_one_work+0x3f6/0x960 kernel/workqueue.c:2307
 worker_thread+0x616/0xa70 kernel/workqueue.c:2454
 kthread+0x1bf/0x1e0 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

value changed: 0x00000000ffffc32c -> 0x00000000ffffc6ec

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 1916 Comm: kworker/0:5 Not tainted 5.17.0-rc2-syzkaller-00054-g27bb0b18c208 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: wg-crypt-wg2 wg_packet_tx_worker
==================================================================

Crashes (11):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2022/02/03 01:17 upstream 27bb0b18c208 4ebb2798 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2022/01/24 20:18 upstream dd81e1c7d5fb 214351e1 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2022/01/18 00:24 upstream 0c947b893d69 731a2d23 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2022/01/14 12:00 upstream fb3b0673b7d5 b8d780ab .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2022/01/03 21:34 upstream c9e6606c7fe9 4a3f34f2 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2021/12/23 16:58 upstream bc491fb12513 6caa12e4 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2021/12/19 21:18 upstream a76c3d035872 44068e19 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2021/12/12 05:51 upstream a763d5a5abd6 49ca1f59 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2021/12/05 21:12 upstream 944207047ca4 a617004c .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2021/11/30 17:52 upstream d58071a8a76d 80270552 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
ci2-upstream-kcsan-gce 2021/11/26 13:36 upstream a4849f6000e2 63eeac02 .config log report info KCSAN: data-race in __mod_timer / __mod_timer
* Struck through repros no longer work on HEAD.